Confirm

We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies.More Information

How to resolve Chrome/Firefox complaining about weak Diffie-Hellman key?

Type: Knowledgebase

Date changed: 3 years ago

Solution #00007443

Scope:

Firmware version: 2.6.1.9 and lower

Answer:

Upgrade to firmware 2.6.2.0 which contains support for Elliptic Curve
Ciphers and also has a stronger Diffie-Hellman parameters generated on
first use.

Current versions of Chrome (v45+) and Firefox (v39+) will refuse to connect via HTTPS to an SSL-VPN appliance with outdated Diffie-Hellman ciphers. If your SSL-VPN appliance's firmware version is less than 2.2.2.203, you will first have to update your firmware. If the firmware is 2.2.2.203 or newer and Chrome and/or Firefox is complaining about a weak Diffie-Hellman key, open a support tunnel and then contact Barracuda Support to have a Barracuda technician update the Diffie-Hellman ciphers on your SSL-VPN appliance.